Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

In the world of security, a common tactic is to block malicious actions in an attempt to prevent harm, but that's not the approach that security startup DisruptOps is taking.

DisruptOps is taking a "guardrails" approach as part of the company's in-development cloud management platform for automated security and operations. The company announced on Oct. 17 that it has raised $2.5 million in a seed round of investment led by Rally Ventures to help fund development and the go-to-market plans, as it brings forward a new model for cloud security.

"Every organization that I have worked with over the years that gets to a certain scale of cloud ends up having to build their own automation just to keep their environments running," Rich Mogull, co-founder and vice president of product at DisruptOps, told eWEEK. "Almost always, the first place they start is with a concept called guardrails, which is basically the ability to monitor your environment to keep things in order."

Further reading

Mogull is well-known in the security industry as the CEO of Securosis, which is a cloud security consulting firm that he is still running as a separate business. He said he had the realization one day that organizations didn't have to run a scanner to find potential cloud misconfigurations; instead, organizations can make use of the APIs that cloud providers already have to determine configuration.

"I really don't need to scan the things. I can just make some API calls, and it tells me exactly the way things are at that point in time," he said.

At DisruptOps, the company is building a platform to automate and enable organizations to implement the guardrail approach, using the native-cloud platform's own APIs to understand and determine configuration.

How It Works

The DisruptOps system is a software-as-a-service (SaaS) platform that runs on Amazon Web Services (AWS). Mogull said there is nothing for users to install and all that is required is the appropriate access to a given cloud deployment. In a demonstration, Mogull showed how the guardrails approach can be used to help set up automated backups as well as prevent the unintended disclosure of information via publicly accessible Amazon S3 storage buckets.

"Why we call these guardrails and not blockers is because the objective is to try to reduce the risk without breaking something," Mogull said.

He added that often when an S3 bucket is opened up, or if an internet-facing administrative server was opened, it's typically a case of where an administrator was just trying to do something for work and got lazy, forgetting to close the access after opening it up.

"What we lock down are the known corporate IP address ranges that are pre-approved," Mogull said. "That's really not as much of a risk at that point because it's not exposed to the internet anymore and perhaps that person can still get their job done."

If the organization wants to take additional action and completely quarantine a session, that's an optional step that the DisruptOps platform enables as well. Mogull said DisruptOps' real objective over time is to have the system almost completely automated as users tune their rules to get the configuration they want.

The guardrails approach is intended to supplement the intelligent secure defaults that are already in place for many AWS services. For example, Mogull said AWS security groups have default settings that are relatively secure and S3 storage buckets that are always default to private.

"The problem is that once you start doing anything at scale in an enterprise environment, that's just not going to last," he said.

Additionally, he said Amazon provides a lot of alerting for different conditions that can be helpful for security. Managing alerts and configuration at scale can be a key challenge for many organizations.

"That's where I think there's room for tools like the ones we're building," he said.

DisruptOps is set to go into beta soon, and Mogull said there have already been some early users trying out the system. Assuming the beta process goes well, Mogull said a soft general availability of the DisruptOps platform will happen by the end of 2018.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.